]> git.ipfire.org Git - thirdparty/squid.git/commit
projects / thirdparty / squid.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a7fea96) | patch
SSLv2 records force SslBump bumping despite a matching step2 peek rule.
authorChristos Tsantilas <chtsanti@users.sourceforge.net>
Thu, 26 Jan 2017 16:22:30 +0000 (18:22 +0200)
committerChristos Tsantilas <chtsanti@users.sourceforge.net>
Thu, 26 Jan 2017 16:22:30 +0000 (18:22 +0200)
commit6744c1a8d7e44ec5553ebde76c4a81dc0785043e
treeb0d9ed54fc4d77a8116b9bf307536b78d992f67ctree | snapshot
parenta7fea967e5e8385c438aed2fdfe5f3bd9c43d2dccommit | diff
SSLv2 records force SslBump bumping despite a matching step2 peek rule.

If Squid receives a valid TLS Hello encapsulated into ancient SSLv2
records (observed on Solaris 10), the old code ignored the step2 peek
decision and bumped the transaction instead.
Now Squid peeks (or stares) at the origin server as configured, even
after detecting (and parsing) SSLv2 records.

This is a Measurement Factory project.
src/ssl/PeekingPeerConnector.cc diff | blob | blame | history
src/ssl/bio.cc diff | blob | blame | history
src/ssl/bio.h diff | blob | blame | history
Mirror of https://github.com/squid-cache/squid.git